The cabinet division has issued an advisory against hackers targeting government officials through impersonation.
According to the advisory, the hackers have accelerated their activities against government officials by exploiting human curiosity to open malicious links being sent through social media platforms and emails, etc.
These threat actors are impersonating high-level officials, and if the malicious links are clicked, the targeted mobiles and computer systems are infected. The infected systems then can lead to sophisticated attacks including extraction of sensitive information and gaining unauthorized access to the target device to become transmitters of information including microphone access.
The advisory said that hackers use mobile numbers and other details of high-level officials obtained through hacking in the past. Hackers use it to send phishing emails or spoofed SMS or WhatsApp messages to selected targets. A well-crafted message is prepared to trick the victims into disclosing their sensitive information or clicking on suspicious links or attachments.
The advisory has asked citizens and government officials to always confirm before opening a link received in an email or message from a known or unknown user. It has also asked to scan the attachments with an antivirus before downloading any attachments, including trusted attachments.
Government officials were advised to apply updates to their operating system and software applications on all computing devices such as PCs, laptops, mobiles, wearables, and use well-reputed and trusted antivirus or antimalware in all computing devices, and never use personal accounts on official devices.
Government officials need to use Multi-Factor Authentication (MFA) wherever possible and never share personal details and credentials with unauthorized or suspicious users, websites, applications, etc.
It has also recommended ways to type URLs in the browser rather than clicking on links always open websites with HTTPS and avoid visiting HTTP websites.